Healthcare Cybersecurity Weekly Briefing 10-20-2017

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

Post Cyberattack: The Next Steps Your Business Needs to Take

It’s tempting to shut down after a data breach, but it’s important to be proactive to minimize the damage. Make sure you’re communicating properly with your staff, tech specialists, and clients, and be open and sincere about what happened. Provide details if you think they are necessary, and explain how each party will be impacted by what happened. Be sure to take responsibility, even if the attack was the fault of your IT provider rather than your company.

 

Unintended Disclosure Accounts for a Big Chunk of Data Breaches in 2017, and Spear Phishing is on the Rise
More than 40% of healthcare data breaches through the first three quarters of 2017 were the result of unintended disclosures, according to a report released by Beazley Group, which provides cyber liability insurance. The statistics included incidents reported by healthcare clients through the first nine months of 2017. The second most common data breach cause was hacking or malware at 19%, while 15% involved an insider. Previous Beazley reports show that ransomware incidents are up in 2017 compared to previous years.

 

CW500: How the NHS WannaCry Cyber Attack Unfolded
One of the reasons the NHS was so affected is its organisational structure. Whereas the Department of Health is responsible for policy, NHS England is responsible for commissioning services and NHS Digital acts as the data and information organisation, every single NHS trust or GP surgery out there is responsible for their own security. The problem is there’s a national scale issue, such as WannaCry, affecting the system, but you actually have no control, said Taylor.

 

Healthcare IoT Infrastructure Relies on Device-to-Cloud Security
The IoT modules are able to provide this level of security because they establish trust between the devices and the cloud by storing unique ID keys stored in tamper-resistant hardware. The public key infrastructure also requires mutual authentication to the cloud so each device accessing the network is identified and verified.

 

How Visibility Provides Stronger Healthcare Cloud Security
Solutions that take a more proactive approach to cloud security are becoming more popular in healthcare. Security net approaches, threat intelligence, and security information and event management (SIEM) help organizations gain much needed visibility into cloud environments. Both threat intelligence and SIEM give organizations visibility by producing massive amounts of data.

 

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.